Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hvac 2.2.0 flagging for vulnerability #1168

Closed
sfjkastello opened this issue May 2, 2024 · 1 comment
Closed

hvac 2.2.0 flagging for vulnerability #1168

sfjkastello opened this issue May 2, 2024 · 1 comment

Comments

@sfjkastello
Copy link

[email protected] > [email protected] > [email protected]

https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047

Fix: Upgrade certifi to version 2023.7.22 or higher.
@briantist
Copy link
Contributor

We had already been using an unaffected version of certifi in our lock file since this PR at least:

That should have been in hvac==2.0.0.

We don't specify certifi as a direct dependency of the package though, it may be possible that something else is in your environment or container constrained the package, or maybe it was already installed and satisfied all the version constraints in the env/container that you scanned with Snyk.

I'll close this out for now, if you think that's in error please let me know.

@briantist briantist closed this as not planned Won't fix, can't repro, duplicate, stale Jun 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@briantist @sfjkastello